JP2007299254A - Image input/output device, and access control method - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide a technology for authenticating a multifunctional machine by a plurality of users, exchanging data safely at low cost between users in the multifunctional machine when the multifunctional machine is shared by the plurality of the users. <P>SOLUTION: The image input/output device is an image input/output device 100 which can access a storage area (BOX) corresponding to a noncontact card. An antenna 1334 detects the noncontact card. A CPU 1301 performs authentication process with the noncontact card detected by the antenna 1334. When the authentication with a plurality of noncontact cards is established, access to the storage area (BOX) corresponding to the plurality of the noncontact cards is allowed. <P>COPYRIGHT: (C)2008,JPO&INPIT

Description

  The present invention reads a document as image data, accumulates it, prints it on paper, generates image data from data received from an external terminal, prints it on paper, and prints it on paper. The present invention relates to an image input / output device that provides a function.

  In recent years, as hard disks (hereinafter referred to as HD) and memory have become cheaper and larger, copy functions, print functions, and document management functions that save scanned text as image data and print the saved image data Multi-function peripherals that can hold large-capacity image data can now be stored.

  Usually, such a multifunction machine is efficiently operated by being shared and used by a plurality of people in an office. In this case, the document management function and the like are also used by a plurality of people, but there are also sentences that should be kept secret from each other. For this reason, the document management function is provided with a document storage BOX with an authentication function (see, for example, Patent Document 1), which can be used by each person to safely use a large amount of text on a multi-function peripheral. It is supposed to be.

As a prior art, there is a method of performing authentication by manually inputting a user name and a password for each user by using an operation unit of a multifunction machine. In addition, there is a technique (see, for example, Patent Document 2) in which a card is loaded into a dedicated card slot to establish authentication with a user.
JP 2000-134443 A JP 2002-351847 A

  However, consider a case where a user tries to pass data stored in a multifunction device to another user who shares the same multifunction device.

  In such a case, there is a means of printing a sentence to be handed over and then handing it over to the other party. However, since it is necessary to use paper once, when sending a large amount of text, it takes much time on the sender side. Furthermore, in order to be reused on the receiver side, the text must be scanned and stored again, which is very troublesome on the receiver side.

  Here, it is assumed that data is transferred within the shared multifunction peripheral. In that case, it is necessary for a plurality of users to simultaneously authenticate and access each document storage BOX.

  Assume that authentication is performed by manually inputting a plurality of user names and passwords from the operation unit. However, if text is exchanged with a shared multifunction device, the sending side and the receiving side of the text are near the multifunction device. If the user name and password are manually input from the operation unit in this state, there is a risk that the user ID and password will be stolen.

  Further, it is assumed that the user performs authentication by loading a card into a dedicated card slot. However, the current mainstream of authentication is that the card is loaded into a dedicated card slot and is authenticated while it is loaded. Can not. Therefore, in order to be able to authenticate simultaneously, it is necessary to add a card slot, which increases the cost.

  Therefore, the present invention aims to provide an image input / output device capable of ensuring security without adding a card slot or the like when using data held for each user among a plurality of users in one device. Yes.

  In order to solve the above-described problems, an image input / output device according to the present invention is an image input / output device capable of accessing a storage area corresponding to a non-contact type card, and includes a detection means for detecting the non-contact type card, Authentication means for performing authentication processing of the contactless card detected by the means, and when authentication with a plurality of contactless cards is established by the authentication means, a storage area corresponding to the plurality of contactless cards And permission means for permitting access.

  According to the present invention, when using data held for each user among a plurality of users in one apparatus, there is an effect that security can be ensured without adding a card slot or the like.

  An overall configuration of a network including an image input / output device 100 according to an embodiment of the present invention will be described with reference to FIG.

  The reader unit 200 optically reads a document image and converts it into image data. The reader unit 200 includes a scanner unit 210 having a function for reading a document and a document feeding unit 250 having a function for transporting a document sheet.

  The printer unit 300 conveys the recording paper, prints the image data as a visible image thereon, and discharges the recording paper out of the apparatus. The printer unit 300 includes a paper feed unit 360, a marking unit 310, and a paper discharge unit 360. The paper feed unit 360 is a unit having a plurality of types of recording paper cassettes. The marking unit 310 is a unit having a function of transferring and fixing necessary image data onto a recording sheet. The paper discharge unit 360 is a unit having a function of discharging the recording sheets printed as necessary after processing such as sorting and stapling.

  The control device 110 is electrically connected to the reader unit 200 and the printer unit 300, and is further connected to host computers 401 and 402 via the network 400. The control device 110 is connected to the FAX 501 via the public line 500.

  The control device 110 controls the reader unit 200 to read image data of a document, and controls the printer unit 300 to output the image data to a recording sheet to provide a copy function. In addition, a scanner function is provided that converts image data read from the reader unit 200 into code data and transmits the code data to the host computer via the network 400. In addition, a printer function for converting code data received from the host computer via the network 400 into image data and outputting the image data to the printer unit 300 is provided. Also, the image data read from the reader unit 200 is converted into code data, and the FAX transmission function for transmitting to the FAX 501 via the public line 500 and the code data sent from the FAX 501 via the public line 500 are converted into image data. A FAX reception function for converting and outputting to the printer unit 300 is also provided.

  The operation unit 150 is connected to the control device 110, is configured with a liquid crystal touch panel, and provides a user I / F for operating the image input / output device 100.

  FIG. 2 is a schematic view of the reader unit 200 and the printer unit 300. The document feeding unit 250 of the reader unit feeds documents one by one on the platen glass 211 in order from the top, and discharges the documents on the platen glass 211 after the document reading operation is completed. When the document is conveyed onto the platen glass 211, the lamp 212 is turned on, and the movement of the optical unit 213 is started to expose and scan the document. Reflected light from the original at this time is guided to a CCD image sensor (hereinafter referred to as CCD) 218 by mirrors 214, 215, and 216 and a lens 217. Thus, the scanned image of the original is read by the CCD 218.

  The reader image processing circuit unit 222 performs predetermined processing on the image data output from the CCD 218 and outputs it to the control device 110.

  The printer image processing circuit unit 352 outputs an image signal sent from the control device 110 to the laser driver 317.

  A laser driver 317 of the printer unit 300 drives the laser light emitting units 313, 314, 315, and 316, and laser light corresponding to the image data output from the printer image processing unit 352 is emitted from the laser light emitting units 313, 314, and 315. 316 is caused to emit light. This laser light is applied to the photosensitive drums 325, 326, 327, and 328 by mirrors 340, 341, 342, 343, 344, 345, 346, 347, 348, 349, 350, and 351. As a result, latent images corresponding to the laser light are formed on the photosensitive drums 325, 326, 327, and 328. 321, 322, 323, and 324 are developing units for developing a latent image with black (Bk), yellow (Y), cyan (C), and magenta (M) toners, respectively. The toner is transferred to a sheet and printed out in full color.

  A sheet fed from one of the sheet cassettes 360 and 361 and the manual feed tray 362 at a timing synchronized with the start of laser beam irradiation is attracted onto the transfer belt 334 via the registration roller 333 and conveyed. Then, the developer attached to the photosensitive drums 325, 326, 327, and 328 is transferred to a recording sheet. The recording paper on which the developer is placed is conveyed to the fixing unit 335, and the developer is fixed on the image recording paper by the heat and pressure of the fixing unit 335. The recording paper that has passed through the fixing unit 335 is discharged by a discharge roller 336. The paper discharge unit 370 performs a process of sorting the recording sheets by bundling the discharged recording sheets, a stapling process of the sorted recording sheets, and the like.

  If double-sided recording is set, the recording paper is conveyed to the discharge roller 336 and then the rotation direction of the discharge roller 336 is reversed and guided to the refeed conveyance path 338 by the flapper 337. The recording sheet guided to the refeed conveyance path 338 is fed to the transfer belt 334 at the timing described above.

<Description of control device>
The function of the control device 110 will be described with reference to FIG. FIG. 3 is a block diagram of the image input / output device 100 showing the circuit configuration of the reader unit 200, the printer unit 300, and the control device 110 of FIG. Note that the present invention is not limited to the image input / output device 100 shown in FIG. 3 as long as it includes the same configuration as shown in FIG.

  The control device 110 includes a main controller 1300. The main controller mainly includes a CPU 1301, a bus controller 1306, and various I / F controller circuits.

  The CPU 1301 and the bus controller 1306 control the overall operation of the control device 110. The CPU 1301 operates based on a program read from the ROM 1302 via the ROM I / F 1341. The ROM 1302 stores control programs based on flowcharts shown in FIGS. 10 and 12 described later, and the present embodiment is realized by the CPU 1301 operating based on these control programs. The operation of interpreting PDL (page description language) code data received from the host computer and developing it into raster image data is also described in this program and processed by software. The bus controller 1306 controls data transfer input / output from each I / F, and performs arbitration at the time of bus contention and control of DMA data transfer.

  The DRAM 1304 is connected to the bus controller 1306 and the main controller 1300 by a DRAM I / F 1342, and is used as a work area for the CPU 1301 to operate and an area for storing image data.

  The CODEC 1351 compresses the raster image data stored in the DRAM 1304 by a method such as MH / MR / MMR / JBIG / JPEG, and reversely compresses and stores the code data stored in the raster image data. The SRAM 1352 is used as a temporary work area of the CODEC 1351. The CODEC 1351 is connected to the bus controller 1306 and the main controller 1300 via the I / F 1343, and data transfer to and from the DRAM 1304 is controlled by the bus controller 1306 and DMA-transferred.

  The graphics processor 1303 performs image rotation, image scaling, color space conversion, and binarization processing on the raster image data stored in the DRAM 1304, respectively. The SRAM 1353 is used as a temporary work area for the graphic processor 1303. The graphic processor 1303 is connected to the bus controller 1306 and the main controller 1300 via the I / F 1344, and data transfer to and from the DRAM 1304 is controlled by the bus controller 1306 and is DMA-transferred.

  A network controller 1305 is connected to the bus controller 1306 and the main controller 1300 by an I / F 1345 and is connected to an external network by a connector 1354. The network is generally Ethernet (registered trademark).

  The general-purpose high-speed bus 1346 is connected with an expansion connector 1355 for connecting an expansion board and an IO control unit 1325. A general-purpose high-speed bus is a PCI bus.

  The IO control unit 1325 is equipped with two channels of an asynchronous serial communication controller 1326 for transmitting / receiving control commands to / from each of the CPUs of the reader unit 200 and the printer unit 300. In the embodiment, the scanner I / F 1307 and the printer I / F 1322 are connected.

As shown in FIG. 3, the operation unit I / F 1328 is connected to the LCD controller 1327,
A signal input from the touch panel or the hard key is transmitted to the CPU 1301 via the key input I / F 1355.

  Here, the operation unit I / F 1328 has a liquid crystal display unit 1601 as shown in FIG. 11, a touch panel input device 1602 attached on the liquid crystal display unit, and a plurality of hard keys (1603, 1604, 1605, 1607). . A liquid crystal display unit 1601 displays image data sent from the LCD controller. The liquid crystal display unit 1601 displays function display, image data, and the like in operation of the image input / output device.

  The real-time clock module 1356 is for updating / saving the date and time managed in the device, and is backed up by a backup battery 1357.

  The connector 1329 is for connecting an external storage device. In this embodiment, the HD drive 1330 is connected via this I / F, and operations such as storing image data in the HD 1331 and reading image data from the HD 1331 are performed.

  The non-contact device controller 1333 is connected to the serial communication controller 1326 in the IO control unit 1325 and the antenna 1334. The antenna 1334 connected to the non-contact device controller 1333 detects the non-contact type card 1335 having the antenna 1336 and the IC chip 1337, and transmits and receives data. The antenna 1334 can detect a plurality of contactless cards, and transmits and receives data to and from each contactless card. Data received by the antenna 1334 is transferred to the DRAM 1304 via the serial communication controller 1326, and the CPU 1301 analyzes the data transferred to the DRAM 1304. Data recorded by the CPU 1301 in the DRAM 1304 is transmitted via the serial communication controller 1326, the non-contact device controller 1333, and the antenna 1334, and is received by the antenna 1336 of the non-contact card 1335. By using the non-contact device controller 1331 and the non-contact type card, user authentication processing for the image input / output device can be performed without adding a card slot.

  Connectors 1310 and 1323 are connected to the reader unit 200 and the printer unit 300, respectively, and are composed of an asynchronous serial I / F and a video I / F.

  The scanner I / F 1307 is connected to the reader unit 200 via the connector 1310. The scanner I / F 1307 is connected to the main controller 1300 via a scanner bus 1348 and has a function of performing predetermined processing on an image received from the reader unit 200. Further, the scanner I / F 1307 has a function of outputting a control signal generated based on a video control signal sent from the reader unit 200 to the scanner bus 1348.

  Data transfer from the scanner bus 1348 to the DRAM 1304 is controlled by the bus controller 1306.

  The printer I / F 1322 is connected to the printer unit 300 via the connector 1323, and is connected to the main controller 1300 via the printer bus 1349. The printer I / F 1322 performs predetermined processing on the image data output from the main controller 1300, and It has a function of outputting to the printer unit 300. Further, the printer I / F 1322 has a function of outputting a control signal generated based on the video control signal sent from the printer unit 300 to the printer bus 1349.

  Transfer of raster image data developed on the DRAM 1304 to the printer unit is controlled by the bus controller 1306 and DMA-transferred to the printer unit 300 via the printer bus 1349 and the video I / F.

<Description of Image Processing Unit of Printer I / F>
A detailed description will be given of a portion of the printer I / F 1322 that performs image processing. FIG. 4 is a block diagram illustrating a detailed configuration of a portion responsible for image processing of the printer I / F 1322.

  An image signal sent from the main controller 1300 via the printer bus 1349 is first input to the LOG conversion unit 701. The LOG converter 701 converts RGB signals to CMY signals by LOG conversion. Next, moire is removed by the moire removing unit 702. A UCR & masking unit 703 generates a CMYK signal from the CMY signal that has undergone moire removal processing by UCR processing, and the masking processing unit corrects the CMY signal to a signal that matches the output of the printer. The signal processed by the UCR & masking unit 703 is subjected to density adjustment by the γ correction unit 704 and then smoothed or edge processed by the filter unit 705.

  Through these processes, an image is sent to the printer unit 300 via the connector 1323.

<Sequence when outputting PDL image>
FIG. 5 is a flowchart showing a procedure for outputting a PDL image in the present embodiment. Note that S3001 to S3008 in the figure indicate each step.

  When outputting a PDL image, in step S3001, the user performs print settings for the PDL image output job on the PC 401. The contents of the print settings include the number of copies, the paper size, one side / both sides, page output order, sort output, presence or absence of stapling.

  In step S3002, a print instruction is given on the PC 401. At the same time, the driver software on the PC 401 converts the code data on the PC 401 to be printed into PDL data and transfers it to the control device 110 of the image input / output device via the network 400 together with the print setting parameters set in S3001. To do.

  In step S3003, the CPU 1301 of the main controller 1300 of the control device 110 expands (rasterizes) the PDL data transferred via the connector 1354 and the network controller 1305 into image data based on the print setting parameters. The development of the image data is performed on the DRAM 1304. When the development of the image data is completed, the process proceeds to S3004.

  In step S <b> 3004, the main controller 1300 transfers the image data expanded on the DRAM 1304 to the graphic processor 1303.

  In step S3005, the graphic processor 1303 performs image processing independently of the print setting parameters. For example, when the paper size specified by the print setting parameter is A4 but the paper feed unit 360 of the printer unit 300 has only A4R paper, the graphic processor 1303 rotates the image by 90 degrees. Therefore, it is possible to output an image that matches the output paper. When the image processing of the image data is completed, the process proceeds to S3006.

  In step S <b> 3006, the graphic processor 1303 transfers the image data after image processing to the main controller 1300. The main controller 1300 stores the transferred image data on the DRAM 1304.

  In step S <b> 3007, the main controller 1300 transfers the image data on the DRAM 1304 to the printer unit 300 at an appropriate timing while controlling the printer unit 300 via the printer I / F 1322 and the connector 1323.

  In step S3008, the control device 110 controls the printer unit 300 to print out image data. When the transfer of the image data is completed, that is, when the PDL job is finished, the print output is finished.

<Sequence when outputting copy image>
FIG. 6 is a flowchart showing a copy image output procedure in the present embodiment. In addition, S4001-S4007 in a figure shows each step.

  When outputting a copy image, in step S4001, the user performs copy settings for the copy image output job on the operation unit 150. The copy setting contents are the number of copies, paper size, single side / double side, enlargement / reduction ratio, sort output, presence of stapling, and the like.

  In S4002, when a copy start instruction is given on the operation unit 150, the main controller 1300 of the control device 110 controls the reader unit 200 via the scanner I / F 1307 and the connector 1310, and performs an operation of reading image data of a document. First, the document feeding unit 250 feeds the placed documents one by one onto the platen glass 211, and simultaneously detects the size of the document. Image data is read by exposing and scanning the document based on the detected size of the document. The read image data is stored on the DRAM 1304.

  In this embodiment, scaling processing can be realized by the graphic processor 1303 in both the main scanning direction and the sub-scanning direction regardless of the setting of the enlargement / reduction ratio of the copy setting. Therefore, in this embodiment, image data is always read at the same magnification (100%). It should be noted that a scaling process in the sub-scanning direction is realized by changing the moving speed of the optical unit 213 according to the setting of the enlargement / reduction ratio of the copy setting, that is, the scaling ratio in the sub-scanning direction. Even a technique (image reading system) can be applied to the present embodiment.

  In step S4003, the main controller 1300 transfers the image data on the DRAM 1304 to the graphic processor 1303.

  In step S4004, the graphic processor 1303 performs image processing based on the copy setting parameter. For example, when enlargement of 400% is set, scaling processing in both the main scanning direction and the sub-scanning direction is performed using an image scaling unit that is a module in the graphic processor 1303. When the image processing of the image data is completed, the process proceeds to S4005.

  In step S4005, the graphic processor 1303 transfers the image data after image processing to the main controller 1300. The main controller 1300 stores the transferred image data on the DRAM 1304.

  In step S4006, the main controller 1300 transfers the image data on the DRAM 1304 to the printer unit 300 at an appropriate timing while controlling the printer unit 300 via the printer I / F 1322 and the connector 1323.

  In step S4007, the control device 110 controls the printer unit 300 to print out image data. When the transfer of the image data is completed, that is, when the copy job is finished, the print output is finished.

<Description of this embodiment>
This embodiment will be described with reference to FIGS. 3 and 7 to 16.

  FIG. 7 is a diagram showing a BOX management table for managing image data in the HD 1331. The BOX management table is a management table having a BOX number 1421, an attribute 1422, a head logical address 1423, and a block number 1424 as elements. The BOX number 1421 indicates a storage location (BOX) of image data. The attribute 1422 indicates various pieces of information of stored image data. The head logical address 1423 indicates the head logical address of a storage area (BOX) that can be written to and read from the HD 1331. The number of blocks 1424 indicates the data size secured on the HD 1331.

  FIG. 8 is a diagram showing a user management table stored in the DRAM 1304. The user management table is a table for managing which BOX number 1421 is used for each user ID 1401, and is a management table having a user ID 1401, a password 1402, and a BOX number list 1403 as elements.

  FIG. 9 is a diagram showing the access list 9 (a) and the access list transition 9 (b) in the present embodiment. The access list is a list for managing users who have been authenticated for the image input / output device using the user ID 1401 and the password 1402 in the user management table. In the access list, a user ID 1411 for which authentication has been established for the image input / output device and an accessible area list 1412 indicating a storage area (BOX) to which the user is permitted to access are stored in association with each other. In this embodiment, the access to the storage area is a state in which information can be written into the storage area or information contained in the storage area can be read. Specifically, information in the storage area (BOX) described later is used. Indicates the state in which can be displayed, duplicated, output, deleted, input information added, etc.

  FIG. 10 is a flowchart describing a flow of control related to card detection processing that is periodically performed in the image input / output device when the user of this embodiment accesses. When this card detection processing is performed, the image input / output device performs processing related to the program described in the flowchart shown in FIG.

  When the CPU 1301 refers to the HD 1331 via the bus controller 1306 and the HD drive 1330, by using the BOX management table of FIG. Will be read.

  Hereinafter, the flow relating to the control program related to the card detection process will be described with reference to the flowchart of FIG.

  The CPU 1301 periodically detects the non-contact type device controller 1333 connected to the serial communication controller 1326 in the IO control unit 1325 and the non-contact type card 1335 having the antenna 1336 and the IC chip 1337 by the antenna 1334.

  When a non-contact type card 1335 is detected via the antenna 1334 and the non-contact type device controller (1501), communication for acquiring an ID and a password stored in the IC chip 1337 is performed (1502).

  The CPU 1301 that has acquired the ID and password stored in the IC chip 1337 via the antenna 1334 and the non-contact type device controller 1333 performs an authentication process (1503). If the ID and password stored in the IC chip 1337 match both the user ID 1401 and the password 1402 in the user management table (1504), the user ID of the authenticated user and the accessible area for the access list Is registered (1505).

  As a result of the authentication process (1503), it is assumed that the ID and password stored in the IC chip 1337 do not match both the user ID 1401 and the password 1402 in the user management table. At that time, the CPU 1301 displays an error message on the operation unit I / F 1328 using the serial communication controller 1326 and the LCD controller 1327 of the IO control unit 1325 via the bus controller 1306 (1506).

  Further, it is detected that the contactless card 1335 has been removed via the antenna 1334 and the contactless device controller (1507). At this time, the contents of the BOX number list corresponding to the user ID of the removed contactless card 1335 and the user ID in the user management table are deleted from the access list (1508).

  The processing of the image input / output device will be specifically described with reference to FIG. Here, users having user ID 0001 and user ID 0002 in the user management table sequentially access the image input / output device. Next, the user having the user ID 0001 performs print processing using data existing in the BOX having the user ID 0002. Thereafter, description will be made along the flow of processing for restricting access to the user having the user ID 0001.

  It is assumed that both the user ID 1404 and the password match and authentication is established (1504). At that time, the user ID and the accessible area of the authenticated user are registered in the access list (1505). Here, as shown in FIG. 9B, the contents of the BOX number list 1403 corresponding to the authenticated user ID 0001 are copied to the access list 1414.

  The user who has established the authentication through the authentication processing 1504 registers the user ID 1401 and the BOX number 1403 in the user ID 1411 and the accessible area list 1412 of the access list. As a result, the user gives access to the BOX corresponding to the BOX number indicated in the accessible area list 1412 with respect to the HD 1331 by instructing the CPU 1301 via the operation unit I / F 1328. , Read / write, etc. become possible.

  While the user performs the operation 1507 of the HD 1331, the CPU 1301 periodically detects other non-contact type cards using the non-contact type device controller 1333 and the antenna 1334. When a new contactless card is detected, communication for acquiring an ID and password stored in the IC chip is performed in the same manner as described above to acquire the ID and password. Authentication processing is performed from the acquired ID and password, and if there is a corresponding ID and password in the management table, authentication is established.

  At present, in the access list, as shown by 1414 in FIG. 9B, the user ID is 0001, and the accessible area list is registered with BOX numbers 0, 2, and 4. Here, when the authentication process (1504) is performed and the user ID 0002 is added to the access list, the access list changes to the state 1415 of FIG. 9B. Users with authenticated user IDs 0001 and 0002 can read and write to the five BOXes on the HD 1331 indicated by the BOX numbers 0, 2, 4, 1, and 3. That is, access to the BOX on each HD 1331 is permitted between users having user ID 0001 and user ID 0002.

  Here, the user having the user ID 0001 transfers the image data stored in the BOX number 1 on the HD 1331 to the DRAM 1304. Printing can be performed by performing image processing via the graphic processor 1303 via the bus controller 1306 and transferring the image to the printer unit 300 via the printer I / F 1322.

  At this time, the user having the user ID 0001 saves the image data of the original read via the reader unit 200 and the scanner I / F 1307 in the DRAM 1304 via the graphic processor 1303. Thereafter, the image data can be transferred and stored in the BOX of HD 1331 corresponding to the BOX number of the user ID 0002 in the accessible area list 1412.

  When the contactless card is moved outside the detection range by card detection (1507), the CPU 1301 determines that the contactless card has been removed by the user, and corresponds to the contactless card removed from the access list. The user ID and accessible list are deleted (1508).

  It is assumed that the contactless card having the user ID 0001 has moved out of the detection range. When the CPU 1301 no longer detects the contactless card having the user ID 0001, the BOX number corresponding to the user ID 0001 is deleted from the accessible area list of the access list. Therefore, as in the access list 1416 in FIG. 9B, only the BOX numbers 1 and 3 in the BOX number list of the user ID 0002 remain in the user ID 0002 and accessible area list.

  As a result, the CPU 1301 can restrict access to the HD 1331 area of the user having the user ID 0001 that is no longer authenticated. Here, restricting access in the present embodiment indicates that access to the storage area (BOX) is prohibited, that is, processing using information in the storage area (BOX) is prohibited. Note that the access restriction is not limited to this embodiment, and may include a partial prohibition such as allowing only a part of information to be displayed.

  An actual process between authenticated users will be described with reference to FIGS. 11 to 17.

  FIG. 12 is a flowchart showing a processing program of the CPU 1301 when a user processes data using a BOX. Hereinafter, description will be made along this processing flow.

  First, in order for the user to perform image processing using the BOX, the CPU 1301 refers to the access list at that time (2201), and displays the BOX list display screen shown in FIG. 13 on the liquid crystal display unit 1601 (2202). ). Reference numerals 1701 to 1707 operate as buttons of the touch panel input device, and a name of a storage area (BOX) holding user image data stored in the HD 1331 is displayed in 1708.

  When the user presses 1701 to 1707, the touch panel input device 1602 notifies the CPU 1301 which key is pressed via the serial communication controller 1326. Here, the CPU 1301 determines whether or not the user has access authority to the BOX by referring to the access list (2203). Here, having access authority indicates that access is permitted to the storage area (BOX) designated by the user. If the user has access authority, the CPU 1301 reads out the information of the area (BOX) stored in the HD 1331 corresponding to the notified button from the HD 1331 and displays it on the liquid crystal display unit 1601 as shown in FIG. (2204).

  Here, the key mark 1710 is access restriction information, and is a display indicating a BOX for which the user does not have access authority. The CPU 1301 restricts user access to the BOX on which the key mark 1710 is displayed. Here, when there is no authority to access the selected storage area (BOX), that is, when a button with the key mark 1710 displayed is selected and pressed, a warning display 2101 is displayed as shown in FIG. (2206). In such a case, after displaying the error, the CPU 1301 performs processing to perform the display shown in FIG. 13 so that the user can select the BOX again.

  In this embodiment, all the storage areas (BOX) are displayed as a list. However, the present invention is not limited to this embodiment, and only the storage areas (BOX) that are authenticated and permitted to access are displayed as a list. It may be a configuration.

  FIG. 14 shows a list of image data 1801 and operation buttons 1802 to 1809 stored in the storage area (BOX) of the selected user. The touch panel input device 1602 notifies the CPU 1301 which key is pressed via the serial communication controller 1326. The CPU 1301 performs various BOX operation processes when the user presses the image data list 1801 or the operation buttons 1802 to 1809 (2205).

  For example, when the image display 1802 is pressed, the CPU 1301 transfers the image data in the HD 1331 to the DRAM 1304, and the image data on the DRAM 1304 is transferred to the operation unit I / F 1328 via the LCD controller 1327 to be displayed on the liquid crystal display unit 1601. .

  When the print 1804 is pressed, the CPU 1301 transfers the image data in the HD 1331 to the DRAM 1304, and the image data developed on the DRAM 1304 is transferred to the printer 1324 via the printer I / F 1322 to perform printing. . When the document reading 1807 is pressed, the CPU stores the image data input from the reader unit in the storage area (BOX) currently displayed via the scanner I / F.

  Further, when image data is selected from the image data list 1801 in FIG. 14 and the delete 1808 is pressed, the CPU 1301 deletes the image data on the HD 1331. Further, when image data is selected from the image data list 1801 and transmission 1809 is pressed, the image data expanded in the DRAM 1304 is scaled and compressed by the graphic processor 1303 or the CODEC 1351, and the network controller 1305 to the PC 401 on the LAN 400. Etc. can also be transmitted.

  When a reference 1805 is pressed in FIG. 14, the CPU 1301 displays a dialog for referring to a storage area (BOX) holding user image data stored in the HD 1331 as shown in FIG. Displayed on the part 1601. By selecting dialogs 1901 to 1907 indicating storage areas for image data from among the dialogs displayed in FIG. 15 and pressing the execute button 1901, the contents of the selected storage area (BOX) can be referred to.

  When there is no access right to the selected storage area (BOX), that is, when a button with a key mark 1910 is selected and pressed, a warning display similar to FIG. 17 is displayed as described above.

  In FIG. 14, when image data is selected from the image data list 1801 and the move / copy 1803 is pressed, a dialog for selecting a storage area (BOX) to which the image data is to be moved is displayed as in FIG. . When a storage area (BOX) with access authority is selected, image data can be moved to the storage area, or duplicated image data can be moved.

  14 to 16, an operation actually performed by the user during a file copy operation, which is one of the BOX operation processing (2205) between authenticated users, together with the display screen of the liquid crystal display unit 1601. Will be described in detail.

  In this embodiment, the user presses reference 1805 in FIG. 14, selects the user name Yamada from the dialog displayed in FIG. 15, and refers to the contents of the storage area (BOX) of BOX number 00 as shown in FIG. is doing.

  In the dialog displayed in FIG. 16, by selecting a file to be copied and pressing an execute button 2003, the selected file can be duplicated.

  In FIG. 16, two files of estimate A2001 and estimate B2002 are selected. When the user presses the execute button 2003, the CPU 1301 duplicates two files, the estimate A2001 and the estimate B2002, and stores them in the storage area (BOX) of the user name David and the BOX number 04.

  As described above, when the image input / output device according to the present embodiment detects a contactless card, performs authentication processing on the contactless card, and the authentication unit establishes authentication with a plurality of contactless cards. The access is permitted to the storage area corresponding to the plurality of contactless cards. As a result, when transferring data held for each user among a plurality of users in one apparatus, there is an effect that security can be ensured without adding a card slot or the like.

1 is a diagram illustrating an entire configuration of an image input / output device and a network configuration thereof according to the present invention. 2 is a diagram illustrating an overview of a reader unit 200 and a printer unit 300. FIG. 2 is a block diagram illustrating a hardware configuration in the image input / output device 100. FIG. FIG. 3 is a block diagram illustrating a detailed configuration of a portion responsible for image processing of a printer I / F 1322. It is a flowchart which shows the procedure of the PDL image output in this embodiment. It is a flowchart which shows the procedure of the copy image output in this embodiment. It is a figure which showed the BOX management table for managing the image data in HD1331. 4 is a diagram showing a user management table stored in a DRAM 1304. FIG. (A) is a figure which shows the access list which links | relates and holds the accessing user ID and the accessible area | region list | wrist of the accessing user. (B) is a figure which shows the transition of the access list in this embodiment. It is a figure which shows the flowchart of the control program regarding a card | curd detection process performed regularly in the image input / output device when the user of this embodiment accesses. It is a figure which shows the liquid crystal display part 1601, the touch-panel input device 1602, and the operation part I / F which has a some hard key. It is a figure which shows the flowchart of the control program at the time of a user processing data using BOX. FIG. 11 is a diagram showing a BOX list display screen displayed on the liquid crystal display unit 1601 when performing image processing using BOX between users. FIG. 11 is a diagram showing a display screen when information such as image data stored in a user (David) BOX stored in the HD 1331 is displayed on the liquid crystal display unit 1601. FIG. 14 is a diagram showing a display screen displayed on the liquid crystal display unit 1601 when reference 1805 is pressed in FIG. 15 shows a display screen displayed on the liquid crystal display unit 1601 when referring to the contents of the selected BOX by selecting an image data storage area and pressing the execution button 1901 in the dialog displayed in FIG. FIG. In FIG. 13, it is a figure which shows the display screen displayed on the liquid crystal display part 1601 at the time of displaying the warning display 2101 at the time of selecting with respect to the BOX which has no access right.

Explanation of symbols

100 Image input / output device 110 Control device 200 Reader unit 300 Printer unit 1300 Main controller 1301 CPU
1306 Bus controller

Claims (11)

In an image input / output device that can access a storage area corresponding to a contactless card,
Detection means for detecting a contactless card;
Authentication means for performing authentication processing of the contactless card detected by the detection means;
An image input / output comprising: permission means for permitting access to a storage area corresponding to a plurality of contactless cards when authentication with a plurality of contactless cards is established by the authentication means. apparatus.   The said detection means is provided with the restriction means which restrict | limits access with respect to the storage area corresponding to this non-contact type card | curd when it becomes impossible to detect the said non-contact ID card with which authentication was already established. 2. The image input / output device according to 1. The image input / output device includes display means for displaying a list of storage areas in the image input / output device,
The image input / output apparatus according to claim 1, wherein the display unit displays the storage area permitted to be accessed by the permission unit in an identifiable manner.   The image input / output apparatus according to claim 3, wherein the display unit displays access restriction information for a storage area to which access is restricted by the restriction unit.   The image input / output apparatus according to claim 3, wherein the display unit displays a list of storage areas that are permitted to be accessed by the permission unit. In an access control method for an image input / output device capable of accessing a storage area corresponding to a contactless card,
A detection process for detecting a contactless card;
An authentication process for performing an authentication process on the contactless card detected by the detection process;
An access control method comprising: an authorization step for permitting access to a storage area corresponding to a plurality of contactless cards when authentication with a plurality of contactless cards is established by the authentication step. .   2. The method according to claim 1, further comprising a restriction step of restricting access to a storage area corresponding to the non-contact type card when the non-contact ID card that has already been authenticated in the detection step cannot be detected. 7. The access control method according to 6. The access control method includes a display step of displaying a list of storage areas in the image input / output device,
8. The access control method according to claim 6, wherein the display step displays the storage area permitted to be accessed by the permission step so as to be identifiable.   9. The access control method according to claim 8, wherein the display step displays access restriction information for a storage area whose access is restricted by the restriction step.   9. The access control method according to claim 8, wherein the display step displays a list of storage areas to which access is permitted by the permission step. In a control program for realizing, by a computer, an access control method of an image input / output device that can access a storage area corresponding to a contactless card,
If a contactless card is detected, an authentication process for performing authentication processing of the contactless card,
A control program comprising a permission step of permitting access to a storage area corresponding to a plurality of contactless cards when authentication with a plurality of contactless cards is established by the authentication step.

Images